Ibm Qradar Edr vulnerabilities

CVE-2025-36379 [MEDIUM] CWE-326 CVE-2025-36379: IBM Security QRadar EDR 3.12 through 3.12.23 IBM Security ReaQta uses weaker than expected cryptogra IBM Security QRadar EDR 3.12 through 3.12.23 IBM Security ReaQta uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

CVE-2025-36377 [MEDIUM] CWE-613 CVE-2025-36377: IBM Security QRadar EDR 3.12 through 3.12.23 does not invalidate session after a session expiration IBM Security QRadar EDR 3.12 through 3.12.23 does not invalidate session after a session expiration which could allow an authenticated user to impersonate another user on the system.

CVE-2024-45643 [MEDIUM] CWE-327 CVE-2024-45643: IBM Security QRadar 3.12 EDR uses weaker than expected cryptographic algorithms that could allow an IBM Security QRadar 3.12 EDR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive credential information.

CVE-2024-45638 [MEDIUM] CWE-256 CVE-2024-45638: IBM Security QRadar 3.12 EDR stores user credentials in plain text which can be read by a local priv IBM Security QRadar 3.12 EDR stores user credentials in plain text which can be read by a local privileged user.